How to choose security vendors with cybersecurity in mind

Many businesses today are focusing on their digital transformation journey. They’re investing in the latest IoT devices, digitizing old processes with innovative solutions, and finding new ways to capitalize on data they’re already collecting. But where business opportunities grow, so do the risks.

The more devices and solutions that you add to your ecosystem, the more your exposure to cybersecurity vulnerabilities increase. According to the Accenture State of Cybersecurity Report, third-party risks still dominate all cyber attacks. 61% of successful cyber breaches come from indirect attacks on organizations through their supply chain.

In a world where organizations no longer have clearly defined network perimeters, how can businesses and government agencies protect themselves? It starts with taking a more thorough cybersecurity risk assessment to establish baseline security standards for the solutions they purchase, and the vendors they partner with.

 

 

Prioritize supply chain risk management

Supply chain risk management isn’t something new. We’ve all heard the breach stories: the banning of state-owned camera manufacturers by certain governments, citing trust and security vulnerabilities; information privacy leak for products; and of course, thousands of customers being exposed to malware attacks.

No matter how you slice it, who you decide to partner with can impact your cyber resilience. And since third-party breaches are becoming more frequent, many data protection and privacy regulations are evolving to hold organizations more accountable.

Under the General Data Protection Regulations, for example, organizations can be held liable for a data breach that originates in their supply chain. Even if the supplier is deemed responsible for the breach, the business or data controller is still legally required to report the incident within 72 hours.

The problem? New research from Ponemon Institute and Mastercard’s RiskRecon found that only 34% of organizations are confident their suppliers would notify them of a breach of their sensitive information.

The damages from data breaches can be long-standing. Beyond the monetary penalties for non-compliance that can cripple an organization, damage to the business’s reputation and loss of customer trust can be difficult to recover from.

 

 

Find suppliers that strengthen your cybersecurity posture

In today’s interconnected world, strong cybersecurity can’t happen in siloes. Finding supply chain vendors that take cybersecurity as seriously as you is a must.

And here’s the good news—when you develop a sound strategy for vetting and selecting your vendors, you’re going to be able to do more than strengthen your information privacy and cybersecurity posture. You’ll be building a team of partners who will work alongside you to identify and mitigate vulnerabilities so your cybersecurity posture is hardened against new evolving threats.    

How can you tell if a physical security vendor is committed to cybersecurity? Here are some questions you can ask them:

 

with cybersecurity hardening? Are they offering tools and features to help protect the privacy of people and their sensitive data?

 

Remain proactive in strengthening your supply chain

A good risk management strategy isn’t something you set and forget. Threats are constantly evolving and so should your cybersecurity efforts. Reviewing your risks, assessing your cybersecurity strategies, and auditing your supply chain security should happen regularly. 

Whether it’s once a month or once a year, you should take some time to review the cybersecurity policies of your vendors. Document if they’ve experienced any breaches and how they’ve handled those incidents. Check if any changes have been made to their data protection practices or if they’ve acquired new cybersecurity certifications.

You might also consider scheduling regular cybersecurity check-ins with your channel partner or solution vendor. These focused meetings can be a great opportunity to talk through the latest cybersecurity features available and identify any opportunities for additional hardening.

For instance, if you have a professional or enterprise-level Genetec™ system and a Genetec Advantage subscription, you and your channel partner will get yearly meetings with our Professional Services team. This can help you to address objectives such as full system health checks, cybersecurity audits, or automatic upgrade planning.

Working with a cybersecurity-focused vendor you can trust

A physical security system is as secure as the weakest point or the least trusted device connected to it. It’s that simple. Selecting vendors that build their business on best-in-class cybersecurity practices can make all the difference.

At Genetec, we embed cybersecurity best practices from the design phase of our solutions through to quality assurance, and across their entire R&D process. This allows us to deliver compliant and cyber-resilient solutions that help you protect your most sensitive information—and we don’t stop there. We stay on the pulse of emerging cyber threats and work with our partners and customers to advance cybersecurity measures. This ensures you’re always equipped to keep your cybersecurity posture strong.